gitee.com/mysnapcore/mysnapd@v0.1.0/interfaces/apparmor/apparmor.go

gitee.com/mysnapcore/mysnapd@v0.1.0/interfaces/apparmor/apparmor.go (about)

     1  // -*- Mode: Go; indent-tabs-mode: t -*-
     2  
     3  /*
     4   * Copyright (C) 2016 Canonical Ltd
     5   *
     6   * This program is free software: you can redistribute it and/or modify
     7   * it under the terms of the GNU General Public License version 3 as
     8   * published by the Free Software Foundation.
     9   *
    10   * This program is distributed in the hope that it will be useful,
    11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13   * GNU General Public License for more details.
    14   *
    15   * You should have received a copy of the GNU General Public License
    16   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17   *
    18   */
    19  
    20  // Package apparmor contains primitives for working with apparmor.
    21  //
    22  // References:
    23  //  - http://wiki.apparmor.net/index.php/Kernel_interfaces
    24  //  - http://apparmor.wiki.kernel.org/
    25  //  - http://manpages.ubuntu.com/manpages/xenial/en/man7/apparmor.7.html
    26  package apparmor
    27  
    28  import (
    29  	"fmt"
    30  	"strings"
    31  )
    32  
    33  // ValidateNoAppArmorRegexp will check that the given string does not
    34  // contain AppArmor regular expressions (AARE), double quotes or \0.
    35  // Note that to check the inverse of this, that is that a string has
    36  // valid AARE, one should use interfaces/utils.NewPathPattern().
    37  func ValidateNoAppArmorRegexp(s string) error {
    38  	const AARE = `?*[]{}^"` + "\x00"
    39  
    40  	if strings.ContainsAny(s, AARE) {
    41  		return fmt.Errorf("%q contains a reserved apparmor char from %s", s, AARE)
    42  	}
    43  	return nil
    44  }